Date: Tue, 17 Jul 2001 14:08:25 -0500 From: "Steven Ames" <steve@virtual-voodoo.com> To: <nathan@corp.wac.com>, "jono@networkcommand.com" <jono@microshaft.org> Cc: <freebsd-security@FreeBSD.ORG> Subject: Re: Exec logging, FreeBSD Kernel Module. Message-ID: <020f01c10ef3$db082370$50038c3f@eservoffice.com> References: <20010717123422.A97994@rapid.black.pl> <20010717104227.A46090@networkcommand.com> <003401c10ef4$4b631bc0$f5c8a8c0@NATHAN>
next in thread | previous in thread | raw e-mail | index | archive | help
Sure. However you have to have 'snp' devices configured into the kernel. device snp In 4.X that may read something more like: device snp 1 I don't remember. -Steve ----- Original Message ----- From: <nathan@corp.wac.com> To: "jono@networkcommand.com" <jono@microshaft.org> Cc: <freebsd-security@FreeBSD.ORG> Sent: Tuesday, July 17, 2001 2:11 PM Subject: Re: Exec logging, FreeBSD Kernel Module. > > to reply to your last message.. i've never been able to get watch to work > properly. has anyone else? > > > ----- Original Message ----- > From: "Jon O ." <jono@microshaft.org> > To: "Artur Meski" <glash@freebsd.net.pl> > Cc: <freebsd-security@FreeBSD.ORG> > Sent: Tuesday, July 17, 2001 10:42 AM > Subject: Re: Exec logging, FreeBSD Kernel Module. > > > > See below: > > > > > > # man watch > > WATCH(8) FreeBSD System Manager's Manual > WATCH(8) > > > > NAME > > watch - snoop on another tty line > > > > SYNOPSIS > > watch [-ciotnW] [tty] > > > > DESCRIPTION > > Watch allows the superuser to examine all data coming through a > specified > > tty. Watch writes to standard output. > > > > > > > > # man snp > > SNP(4) FreeBSD Kernel Interfaces Manual > SNP(4) > > > > NAME > > snp - tty snoop interface > > > > SYNOPSIS > > #include <sys/snoop.h> > > > > > > > > > > On 17-Jul-2001, Artur Meski wrote: > > > Hi. > > > > > > I'm looking for FreeBSD Kernel Module, which will log all executed > commands > > > by users. Could somebody help me? > > > > > > -- > > > Artur Meski [glash@freebsd.net.pl] [tel +48606494552] > [http://glash.black.pl/] > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?020f01c10ef3$db082370$50038c3f>